Skip to content

ECauth (SSH/Telnet) Transfer Module

Info

The ECauth module transfers files over an interactive SSH or Telnet session authenticated through ECMWF's ECauth service. All options use the ecauth. prefix. Credentials default to the ECauth service account but can be overridden with ecauth.user / ecauth.pass.

Connection

Basic connection

Option Default Description
ecauth.protocol ssh Transport protocol: ssh (port 22) or telnet (port 23)
ecauth.port 22 / 23 Remote port. Defaults to 22 for SSH, 23 for Telnet. Override here if non-standard.
ecauth.user from config ECauth service username used to open the interactive session
ecauth.pass from config ECauth service password
ecauth.hostList none Comma-separated list of target hostnames. The module picks one at runtime (optionally with load balancing).
ecauth.resolveIP true Resolve hostnames to IP addresses before connecting
ecauth.proxyList none Comma-separated list of SOCKS/proxy addresses to route through
ecauth.listenAddress none Local IP address to bind when opening data connections
ecauth.cwd from host Initial working directory after login. Defaults to the user's home directory from the ECauth session.
ecauth.connectTimeOut 30s TCP connection timeout
ecauth.sessionTimeOut none Maximum lifetime of an interactive session before it is recycled
ecauth.keepAlive 0 Send keep-alive command every N ms (0 = disabled)
ecauth.useNoop 0 Send NOOP every N ms to keep the session alive (0 = disabled)

SSH / Auth

SSH authentication

Only relevant when ecauth.protocol=ssh.

Option Default Description
ecauth.privateKeyFile none Path to a PEM private key file on the DataMover for public-key authentication
ecauth.privateKey none Inline PEM private key (alternative to privateKeyFile)
ecauth.passPhrase none Passphrase for the private key if it is encrypted
ecauth.fingerPrint none Expected SSH host key fingerprint. Connection is refused if the server fingerprint does not match.
ecauth.cipher none SSH cipher suite to negotiate (e.g. aes128-ctr). none lets JSch negotiate automatically.
ecauth.compression none SSH compression algorithm (e.g. zlib). none disables compression.
ecauth.serverAliveInterval none SSH server-alive message interval (e.g. 60s). Prevents idle disconnection.
ecauth.serverAliveCountMax none Number of unanswered server-alive messages before the session is considered dead

Transfer

File transfer behaviour

Option Default Description
ecauth.usetmp false Upload to a temporary name (with suffix) then rename on completion
ecauth.mkdirs false Create remote directory hierarchy if it does not exist
ecauth.prefix none Prefix added to the remote filename
ecauth.suffix .tmp Suffix used during upload when usetmp=true (default is .tmp when no explicit prefix/suffix is set)
ecauth.mksuffix false Generate a random 3-character suffix instead of using ecauth.suffix
ecauth.ignoreCheck true Skip the post-upload file size verification
ecauth.usemget false Use mget for bulk retrieval operations instead of individual get calls
ecauth.listOptions none Extra options appended to the remote ls / directory listing command
ecauth.copyCmd none Custom shell command template for server-side copy operations
ecauth.chmodOnCopy 640 Octal permission mode applied to files after a server-side copy

Exec hook

Option Default Description
ecauth.execCmd none Shell command executed on the remote host after each transfer
ecauth.execCode 0 Expected exit code of execCmd. Any other exit code is treated as an error.

Advanced

Directory creation hooks

Option Default Description
ecauth.mkdirsCmdIndex 0 Path component depth at which to start issuing mkdir commands (0 = from root)
ecauth.preMkdirsCmd none Shell command(s) executed before creating directories
ecauth.postMkdirsCmd none Shell command(s) executed after creating directories
ecauth.ignoreMkdirsCmdErrors false Continue even if pre/post mkdir commands return a non-zero exit code

Example

ecauth.protocol = "ssh"
ecauth.port = "22"
ecauth.usetmp = "true"
ecauth.mkdirs = "true"
ecauth.ignoreCheck = "false"
ecauth.serverAliveInterval = "60s"
ecauth.serverAliveCountMax = "3"
ecauth.chmodOnCopy = "644"